Here are some great open-source alternatives to IOS and Android.
European:
- Ubuntu Touch Germany 🇩🇪
- Postmarket OS Europe 🇪🇺
- Sailfish OS Finland 🇫🇮
- Manjaro Arm Germany 🇩🇪
- /e/ OS France 🇫🇷
Non-european:
- Graphene OS Canada 🇨🇦
- WebOS South Korea 🇰🇷
Come join us at !linuxphones@lemmy.ca to discuss building up the alternatives.
Ubuntu Touch and postmarketOS, like many other Linux-based phone operating systems, have significant security issues.
https://madaidans-insecurities.github.io/linux-phones.html
This article highlights only a small fraction of the critical security issues present in Linux-based mobile systems, with a focus on the Librem 5 (a literal scam) and PureOS. These systems lack essential security features found in modern mobile operating systems like iOS and Android, such as app sandboxing, verified boot, hardware keystores (secure elements), and secure image-based OTA updates.
I don’t fundamentally oppose the idea of Linux on smartphones and tablets, but the current implementations are severely lacking in terms of privacy, security, and user experience. While there are developments in the desktop and mobile Linux space, such as immutable/image-based systems and sandboxing technologies like bubblewrap (used in Flatpak), it will take many years before we see modern, private, secure, and user-friendly Linux phones. In the meantime, hardened, degoogled Android-based systems like GrapheneOS are the best option available.
Sailfish is the most secure Linux mobile distro as the cops couldn’t even break into it.
A police department can’t break into anything. They either use 3rd-party tools made by companies like Cellebrite or MSAB, or they send a device to e.g. the FBI (who might sometimes have custom tools, but most of the time they also just use some tool made by some forensics company like Cellebrite). The only reason why forensics companies don’t offer SailfishOS exploits, is because it’s way too obscure, and developing an exploit wouldn’t be profitable by any means. That doesn’t mean that SailfishOS is exploit-proof though. Defending against brute-force attacks requires a hardware secure element, like the Titan M2 or Apple Secure Enclave. Jolla phones simply don’t have secure elements.
GrapheneOS is the only OS that’s “Cellebrite-proof”, as can be seen in leaked internal docs from Cellebrite.
SailfishOS is also paid and mostly proprietary. There’s no reason to trust it more than proprietary Android or iOS. In fact, I’d prefer a modern iPhone (12 or later) with the Apple Secure Enclave over a equally proprietary, but less secure device that lacks a secure element. The UX is also a million times better. And yes, I have tried SailfishOS in the past, back when it only ran on Sony Xperia phones. It even was my daily driver for a couple of months.